<?php
#基础函数
include_once('_path.php');

include_once(_ROOTPATH."backend/includes/init.php");
$action = $_REQUEST['action'];
$username = trim($_REQUEST['username']); 
$password = trim($_REQUEST['password']); 

#用户登录
if($action=='login')
{
        $quote['username'] = string_sql($username);
        $quote['password'] = string_sql(md5($password));
        $term2 = $database->queryFirst("select id FROM admin where username=".$quote['username']." AND password=".$quote['password'].";");

		if(!$term2)
		{
			echo "<script>alert('请输入正确的用户名或密码');</script>";
		}else
		{
				//session
                        $_SESSION['id'] = $term2['id'];
                        $_SESSION['username'] = $username;
                        header("Location:"._CONST_BACKEND_URL ."members/index.php");

		}
}

$css = array();
$js = array();

include_once(_ROOTPATH."backend/layout/_header.php");

?>
<div class="content clearfix">
    <form action="<?= _CONST_BACKEND_URL ?>login.php?action=login" method="post" id="form" name="form">
		<div class="login">
			<table class="table-input">
				<tr>
					<td class="title">帐号</td>
					<td><input type="text" size="50" name="username"></td>
				</tr>
				<tr>
					<td class="title">密码</td>
					<td><input type="password" size="50" name="password"></td>
				</tr>
				<tr>
					<td class="title"> </td>
					<td><input type="submit" name="" value="登录" class="btnA" /></td>
				</tr>
			</table>
		</div>
</form>
</div>
<?
include_once(_ROOTPATH."backend/layout/_footer.php");
?>
<? exit(); ?>